iptables not blocking dhcp traffic (dhclient)

To: debian-firewall@lists.debian.org
Subject: iptables not blocking dhcp traffic (dhclient)
From: "Remy C. Cool" <dev-python@smartology.nl>
Date: Mon, 24 Mar 2003 17:23:06 +0100
Message-id: <[🔎] 200303241723.06141.dev-python@smartology.nl>
Reply-to: dev-python@smartology.nl

Hi,

I've configured kernel 2.4.20 (with freeswan patch) with iptables 
support and installed the iptables package from debian testing 
(1.2.7a-7). When I use the following 'rules', all traffic should be 
dropped is it not?

iptables -F
iptables -X
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
iptables -A INPUT -j LOG --log-level 6
iptables -A OUTPUT -j LOG --log-level 6

Why is it that the dhclient program on this machine still get's it IP 
from the dhcp server and why don't I get the DHCP traffic in the log? 
The rules are installed before networking is initialized. (The 
logging works for any other traffic on this box.) 

Also when I create a rule which sets ICMP incomming to REJECT and try 
to telnet to the machine, the 'telnetting' machine does not get the 
icmp port unreachable message but times out. When doing this with my 
old ipchains box, the message was recieved and did not have to wait 
on a timeout. Is this normal behaviour for iptables or does it has to 
be something else?   

Regards,
Remy Cool

Reply to:

Follow-Ups:
- Re: iptables not blocking dhcp traffic (dhclient)
  - From: Frank Matthieß <frankm@lug-owl.de>

Prev by Date: port forwarding configuration
Next by Date: Re: iptables not blocking dhcp traffic (dhclient)
Previous by thread: Re: port forwarding configuration [solve]
Next by thread: Re: iptables not blocking dhcp traffic (dhclient)
Index(es):
- Date
- Thread